1. (Currently Amended) An apparatus comprising: 
at least one processor; 

a memory coupled to the at least one processor; 

a plurality of object oriented classes residing in the memory, at least one of the 
plurality of object oriented classes including state data that indicates a protected class; 

a catalog of allowed classes residing in the memory, the catalog of allowed classes 
including all classes that are authorized to access at least one protected class; and 

a state/domain checker residing in the memory and executed by the at least one 
processor, the state/domain checker performing a plurality of checks when each of the 
plurality of object oriented classes is loaded, the plurality of checks determining whether 
a class being loaded accesses the at least one protected class, and if so, determining 
whether the class being loaded is included in the catalog of allowed classes, and 
generating an exception if the class being loaded is not included in the catalog of allowed 
classes , wherein the state/domain checker further performs at least one runtime check 
when a method that may reference a dynamically defined class is invoked and when a 
function is invoked that could potentially access a method on one or more of the plurality 
of classes. 



2. (Cancelled) 



1 3. (Previously Presented) An apparatus comprising: 

2 at least one processor; 

3 a memory coupled to the at least one processor; 

4 a plurality of object oriented classes residing in the memory, at least one of the 

5 plurality of object oriented classes including state data that indicates a protected class; 

6 a state/domain checker residing in the memory and executed by the at least one 

7 processor, the state/domain checker performing a plurality of checks when each of the 

8 plurality of object oriented classes is loaded, the plurahty of checks determining whether 

9 a class being loaded accesses at least one protected class, and if so, determining whether 

10 the class being loaded is authorized to access the at least one protected class, and 

1 1 generating an exception if the class being loaded is not authorized to access the at least 

12 one protected class, wherein the state/domain checker further performs at least one 

1 3 runtime check when a method that may reference a dynamically defined class is invoked 

14 and when a function is invoked that could potentially access a method on one or more of 

15 the plurality of classes, wherein the at least one runtime check includes a check to 

16 determine whether a Java reflection method is invoked by a referencing class on a 

17 referenced class, and if a Java reflection method is invoked by the referencing class, and 

1 8 if the referenced class implements a private domain interface, and if the referencing class 

19 does not implement a system state interface, generating an error. 
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1 4. (Previously Presented) An apparatus comprising: 

2 at least one processor; 

3 a memory coupled to the at least one processor; 

4 a plurality of object oriented classes residing in the memory, at least one of the 

5 plurality of object oriented classes including state data that indicates a protected class; 

6 a state/domain checker residing in the memory and executed by the at least one 

7 processor, the state/domain checker performing a plurality of checks when each of the 

8 plurality of object oriented classes is loaded, the plurality of checks determining whether 

9 a class being loaded accesses at least one protected class, and if so, determining whether 

10 the class being loaded is authorized to access the at least one protected class, and 

1 1 generating an exception if the class being loaded is not authorized to access the at least 

12 one protected class, wherein the state/domain checker further performs at least one 

1 3 runtime check when a method that may reference a dynamically defined class is invoked 

14 and when a function is invoked that could potentially access a method on one or more of 

1 5 the plurality of classes, wherein the at least one runtime check includes a check to 

16 determine whether a Java Native Interface (JNI) function is invoked by an external 

17 program to access a protected class, and if the extemal program invokes a JNI function to 

1 8 access a protected class, and the extemal program is not running in system state, 

1 9 generating an error. 

1 5. (Original) The apparatus of claim 1 wherein a class is a protected class if the class is 

2 defined as a private domain class or a system state class. 

1 6. (Previously Presented) The apparatus of claim 1 wherein the plurality of checks 

2 includes a check during class verification that determines whether a class being verified 

3 implements a private domain interface or a system state interface, and if the class being 

4 verified implements a private domain interface or a system state interface, and if the class 

5 being verified is not included in the catalog of allowed classes, generating an error. 
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1 7. (Previously Presented) The apparatus of claim 1 wherein the catalog of allowed 

2 classes is generated during a build process that packages the plurality of classes together 

3 into an installable form. 

1 8. (Original) The apparatus of claim 1 wherein the plurality of checks includes a check 

2 during class preparation that determines whether a class being prepared has a superclass, 

3 and if the class being prepared has a superclass, and if the superclass implements a 

4 private domain interface or a system state interface, and if the class being prepared does 

5 not implement at least the same private domain interface or system state interface as the 

6 superclass, generating an error. 

1 9. (Original) The apparatus of claim 1 wherein the plurality of checks includes a check 

2 during class resolution that determines whether a class being resolved to by a referencing 

3 class implements a private domain interface, and if the class being resolved to by the 

4 referencing class implements the private domain interface, and if the referencing class 

5 does not implement a system state interface, generating an error. 

1 10. (Original) The apparatus of claim 9 wherein the check during class resolution is 

2 performed before runtime when a class is loaded. 

1 11. (Original) The apparatus of claim 9 wherein the check during class resolution is 

2 performed at runtime when a method on the class being resolved to is invoked. 
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1 12. (Original) An apparatus comprising: 

2 at least one processor; 

3 a memory coupled to the at least one processor; 

4 a plurality of Java classes residing in the memory, at least one of the plurality of 

5 Java classes including state data that indicates a protected class; 

6 a Java Virtual Machine (JVM) residing in the memory and executed by the at least 

7 one processor; 

8 a state/domain checker residing in the memory and executed by the at least one 

9 processor, the state/domain checker performing the following checks: 

10 a first check during class verification that determines whether a class being 

1 1 verified implements a private domain interface or a system state interface, and if 

12 the class being verified implements a private domain interface or a system state 

13 interface, and if the class being verified is not included in a catalog of allowed 

14 classes that is generated during a JVM build process that packages the plurality of 

15 classes together into an installable form, throwing an exception; 

16 a second check during class preparation that determines whether a class 

1 7 being prepared has a superclass, and if the class being prepared has a superclass, 

1 8 and if the superclass implements a private domain interface or a system state 

19 interface, and if the class being prepared does not implement at least the same 

20 private domain interface or system state interface as the superclass, throwing an 

21 exception; 

22 a third check during class resolution that determines whether a class being 

23 resolved to by a referencing class implements a private domain interface, and if 

24 the class being resolved to by the referencing class implements the private domain 

25 interface, and if the referencing class does not implement a system state interface, 

26 throwing an exception; 



6 



(claim 12 continued) 



27 a fourth check to determine whether a Java reflection method is invoked 

28 by a referencing class on a referenced class, and if a Java reflection method is 

29 invoked by the referencing class, and if the referenced class implements a private 

30 domain interface, and if the referencing class does not implement a system state 

31 interface, throwing an exception; and 

32 a fifth check to determine whether a Java Native Interface (JNI) function is 

33 invoked by a program extemal to the JVM to access a protected class at runtime, 

34 and if the program invokes a JNI function to access a protected class, and the 

35 program is not running in system state, throwing an exception. 
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1 13. (Currently Amended) A method for creating and enforcing protected system level 

2 Java code comprising the steps of: 

3 providing a catalog of allowed classes that includes all classes that are authorized 

4 to access at least one protected class; 

5 loading a plurality of Java classes, each of the plurality of Java classes that is 

6 protected including state data that indicates a protected class; [[and]] 

7 performing a plurality of checks when each of the plurality of Java classes is 

8 loaded, the plurality of checks determining whether the class being loaded accesses at 

9 least one protected class, and if so, determining whether the class being loaded is 

10 included in the catalog of allowed classes, and generating an exception if the class being 

1 1 loaded is not included in the catalog of allowed classes : and 

12 performing at least one runtime check when a method that mav reference a 

13 dvnamicallv defined class is invoked and when a function is invoked that could 

14 potentiallv access a method on one or more of the pluralitv of classes . 

1 14. (Cancelled) 
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1 15. (Previously Presented) A method for creating and enforcing protected system level 

2 Java code comprising the steps of: 

3 loading a plurality of Java classes, each of the plurality of Java classes that is 

4 protected including state data that indicates a protected class; 

5 performing a plurality of checks when each of the plurality of Java classes is 

6 loaded, the plurality of checks determining whether the class being loaded accesses at 

7 least one protected class, and if so, determining whether the class being loaded is 

8 authorized to access the at least one protected class, and generating an exception if the 

9 class being loaded is not authorized to access the at least one protected class, 

10 performing at least one runtime check when a method that may reference a 

1 1 dynamically defined class is invoked and when a function is invoked that could 

12 potentially access a method on one or more of the plurality of classes, wherein the at least 

13 one runtime check includes a check to determine whether a Java reflection method is 

14 invoked by a referencing class on a referenced class, and if a Java reflection method is 

15 invoked by the referencing class, and if the referenced class implements a private domain 

16 interface, and if the referencing class does not implement a system state interface, 

1 7 generating an error. 
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1 16. (Previously Presented) A method for creating and enforcing protected system level 

2 Java code comprising the steps of: 

3 loading a plurality of Java classes, each of the plurality of Java classes that is 

4 protected including state data that indicates a protected class; 

5 performing a plurality of checks when each of the plurality of Java classes is 

6 loaded, the plurality of checks determining whether the class being loaded accesses at 

7 least one protected class, and if so, determining whether the class being loaded is 

8 authorized to access the at least one protected class, and generating an exception if the 

9 class being loaded is not authorized to access the at least one protected class, 

10 performing at least one runtime check when a method that may reference a 

1 1 dynamically defined class is invoked and when a function is invoked that could 

12 potentially access a method on one or more of the plurality of classes, wherein the at least 

13 one runtime check includes a check to determine whether a Java Native Interface (JNI) 

14 function is invoked by an extemal program to access a protected class, and if the external 

15 program invokes a JNI function to access a protected class, and the program is not 

16 running in system state, generating an error. 

1 17. (Original) The method of claim 13 wherein a class is a protected class if the class is 

2 defined as a private domain class or a system state class. 

1 18. (Previously Presented) The method of claim 13 wherein the plurality of checks 

2 includes a check during class verification that determines whether a class being verified 

3 implements a private domain interface or a system state interface, and if the class being 

4 verified implements a private domain interface or a system state interface, and if the class 

5 being verified is not included in the catalog of allowed classes, generating an error. 

1 19. (Previously Presented) The method of claim 1 3 wherein the catalog of allowed classes 

2 is generated during a JVM build process that packages the plurality of classes together 

3 into an installable form. 
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1 20. (Original) The method of claim 13 wherein the plurality of checks includes a check 

2 during class preparation that determines whether a class being prepared has a superclass, 

3 and if the class being prepared has a superclass, and if the superclass implements a 

4 private domain interface or a system state interface, and if the class being prepared does 

5 not implement at least the same private domain interface or system state interface as the 

6 superclass, generating an error. 

1 21. (Original) The method of claim 13 wherein the plurality of checks includes a check 

2 during class resolution that determines whether a class being resolved to by a referencing 

3 class implements a private domain interface, and if the class being resolved to by the 

4 referencing class implements the private domain interface, and if the referencing class 

5 does not implement a system state interface, generating an error. 

1 22. (Original) The method of claim 21 wherein the check during class resolution is 

2 performed before runtime when a class is loaded by a Java Virtual Machine (JVM). 

1 23. (Original) The apparatus of claim 21 wherein the check during class resolution is 

2 performed at runtime when a method on the class being resolved to is invoked. 
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1 24. (Original) A method for creating and enforcing protected system level Java code 

2 comprising the steps of: 

3 running a Java Virtual Machine (JVM); 

4 the JVM loading a plurality of Java classes, each of the plurality of Java classes 

5 that is protected including state data that indicates a protected class; 

6 performing a first check during class verification that determines whether a class 

7 being verified implements a private domain interface or a system state interface, and if 

8 the class being verified implements a private domain interface or a system state interface, 

9 and if the class being verified is not included in a catalog of allowed classes that is 

1 0 generated during a JVM build process that packages the plurality of classes together into 

11 an installable form, throwing an exception; 

12 performing a second check during class preparation that determines whether a 



1 3 class being prepared has a superclass, and if the class being prepared has a superclass, and 

14 if the superclass implements a private domain interface or a system state interface, and if 

15 the class being prepared does not implement at least the same private domain interface or 

16 system state interface as the superclass, throwing an exception; 

1 7 performing a third check during class resolution that determines whether a class 

1 8 being resolved to by a referencing class implements a private domain interface, and if the 

19 class being resolved to by the referencing class implements the private domain interface, 

20 and if the referencing class does not implement a system state interface, throwing an 

21 exception; 

22 performing a fourth check to determine whether a Java reflection method is 

23 invoked by a referencing class on a referenced class at runtime, and if a Java reflection 

24 method is invoked by the referencing class, and if the referenced class implements a 

25 private domain interface, and if the referencing class does not implement a system state 

26 interface, throwing an exception; and 
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(claim 24 continued) 

27 performing a fifth check to determine whether a Java Native hiterface (JNI) 

28 function is invoked by a program external to the JVM to access a protected class at 

29 runtime, and if the program invokes a JNI fimction to access a protected class, and the 

30 program is not running in system state, throwing an exception. 

1 25. (Currently Amended) A method for building a computer program that includes system 

2 level code, the method comprising the steps of: 

3 generating Java source code for a plurality of object oriented classes, each of the 

4 plurality of object oriented classes that is protected including state data defined in the 

5 Java source code that indicates a protected class; 

6 identifying fi-om the Java source code for each object oriented class which of the 

7 plurality of object oriented classes are protected; 

8 compiling the Java source code for the pluraUty of object oriented classes, thereby 

9 creating a plurality of class files that correspond to the plurality of object oriented classes; 

10 creating a catalog of allowable classes, the catalog including all protected classes; 

1 1 compiling source code for a Java Virtual Machine (JVM) to produce an 

12 executable JVM; 

13 creating installable media that includes the executable JVM, the catalog of 

14 allowable classes, and the class files ; and 

15 performing at least one runtime check when a method that may reference a 

16 dynamically defined class is invoked and when a function is invoked that could 

17 potentially access a method on one or more of the plurality of object oriented classes . 
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1 26. (Currently Amended) A computer-readable program product for checking a class 

2 being loaded, the program product comprising: 

3 a state/domain checker that performs a plurality of checks when each of a plurality 

4 of object oriented classes is loaded, the plurality of checks determining whether a class 

5 being loaded accesses at least one protected class, and if so, determining whether the 

6 class being loaded is included in a catalog of allowed classes that includes all classes that 

7 are authorized to access at least one protected class, and generating an exception if the 

8 class being loaded is not included in the catalog of allowed classes , wherein the 

9 state/domain checker further performs at least one runtime check when a method that may 

10 reference a dynamically defined class is invoked and when a function is invoked that 

1 1 could potentially access a method on one or more of the plurality of classes : and 

1 2 computer readable signal bearing media bearing the state/domain checker. 

1 27. (Original) The program product of claim 26 wherein said signal bearing media 

2 comprises recordable media. 

1 28. (Original) The program product of claim 26 wherein said signal bearing media 

2 comprises transmission media. 

1 29. (Cancelled) 
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30. (Currently Amended) A computer-readable program product for checking a class 
being loaded, the program product comprising: 

a state/domain checker that performs a plurality of checks when each of a plurality 
of object oriented classes is loaded, the plurality of checks determining whether a class 
being loaded accesses at least one protected class, and if so, determining whether the 
class being loaded is authorized to access the at least one protected class, and generating 
an exception if the class being loaded is not authorized to access the at least one protected 
class, wherein the state/domain checker further performs at least one runtime check when 
a method that may reference a dynamically defined class is invoked and when a fimction 
is invoked that could potentially access a method on one or more of the plurality of 
classes, wherein the at least one runtime check includes a check to determine whether a 
Java reflection method is invoked by a referencing class on a referenced class, and if a 
Java reflection method is invoked by the referencing class, and if the referenced class 
implements a private domain interface, and if the referencing class does not implement a 
system state interface, generating an erro r: and 

. computer readable signal bearing media bearing the state/domain checker . 
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3 1 . (Currently Amended) A computer-readable program product for checking a class 
being loaded, the program product comprising: 

a state/domain checker that performs a plurality of checks when each of a plurality 
of object oriented classes is loaded, the plurality of checks determining whether a class 
being loaded accesses at least one protected class, and if so, determining whether the 
class being loaded is authorized to access the at least one protected class, and generating 
an exception if the class being loaded is not authorized to access the at least one protected 
class, wherein the state/domain checker further performs at least one runtime check when 
a method that may reference a dynamically defined class is invoked and when a function 
is invoked that could potentially access a method on one or more of the plurality of 
classes, wherein the at least one runtime check includes a check to determine whether a 
Java Native Interface (JNI) function is invoked by an external program to access a 
protected class, and if the extemal program invokes a JNI function to access a protected 
class, and the extemal program is not running in system state, generating an erro r: and 
computer readable signal bearing media bearing the state/domain checker . 

32. (Original) The program product of claim 26 wherein a class is a protected class if the 
class is defined as a private domain class or a system state class. 

33. (Previously Presented) The program product of claim 26 wherein the plurality of 
checks includes a check during class verification that determines whether a class being 
verified implements a private domain interface or a system state interface, and if the class 
being verified implements a private domain interface or a system state interface, and if 
the class being verified is not included in the catalog of allowed classes, generating an 
error. 

34. (Previously Presented) The program product of claim 26 wherein the catalog of 
allowed classes is generated during a build process that packages the plurality of classes 
together into an installable form. 
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35. (Original) The program product of claim 26 wherein the plurality of checks includes a 
check during class preparation that determines whether a class being prepared has a 
superclass, and if the class being prepared has a superclass, and if the superclass 
implements a private domain interface or a system state interface, and if the class being 
prepared does not implement at least the same private domain interface or system state 
interface as the superclass, generating an error. 

36. (Original) The program product of claim 26 wherein the plurality of checks includes a 
check during class resolution that determines whether a class being resolved to by a 
referencing class implements a private domain interface, and if the class being resolved to 
by the referencing class implements the private domain interface, and if the referencing 
class does not implement a system state interface, generating an error. 

37. (Original) The program product of claim 36 wherein the check during class resolution 
is performed before runtime when a class is loaded. 

38. (Original) The program product of claim 36 wherein the check during class resolution 
is performed at runtime when a method on the class being resolved to is invoked. 
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1 39. (Currently Amended) A computer-readable program product for checking a class 

2 being loaded, the program product comprising: 



3 (A) a plurality of Java classes, at least one of the plurality of Java classes 

4 including state data that indicates a protected class; 

5 (B) a Java Virtual Machine (JVM) executable program; 

6 (C) a state/domain checker that performs the following checks: 

7 (CI) a first check during class verification that determines whether a class 

8 being verified implements a private domain interface or a system state interface, 

9 and if the class being verified implements a private domain interface or a system 

10 state interface, and if the class being verified is not included in a catalog of 

1 1 allowed classes that is generated during a JVM build process that packages the 

12 plurality of classes together into an installable form, throwing an exception; 

1 3 (C2) a second check during class preparation that determines whether a 

14 class being prepared has a superclass, and if the class being prepared has a 

15 superclass, and if the superclass implements a private domain interface or a 

16 system state interface, and if the class being prepared does not implement at least 

17 the same private domain interface or system state interface as the superclass, 

1 8 throwing an exception; 

1 9 (C3) a third check during class resolution that determines whether a class 

20 being resolved to by a referencing class implements a private domain interface, 

21 and if the class being resolved to by the referencing class implements the private 

22 domain interface, and if the referencing class does not implement a system state 

23 interface, throwing an exception; 

24 (C4) a fourth check to determine whether a Java reflection method is 

25 invoked by a referencing class on a referenced class at runtime, and if a Java 

26 reflection method is invoked by the referencing class, and if the referenced class 

27 implements a private domain interface, and if the referencing class does not 

28 implement a system state interface, throwing an exception; 
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(claim 39 continued) 



28 (C5) a fifth check to determine whether a Java Native Interface (JNI) 

29 fimction is invoked by a program external to the JVM to access a protected class 

30 at runtime, and if the program invokes a JNI function to access a protected class, 

3 1 and the program is not running in system state, throwing an exception; and 

32 (D) computer readable signal bearing media bearing the plurality of Java classes, 



33 the JVM executable program, and the state/domain checker. 

1 40. (Original) The program product of claim 39 wherein said signal bearing media 

2 comprises recordable media. 

1 41 . (Original) The program product of claim 39 wherein said signal bearing media 

2 comprises transmission media. 

Please add the following new claims. 

1 42. (New) The program product of claim 30 wherein said signal bearing media comprises 

2 recordable media. 

1 43. (New) The program product of claim 30 wherein said signal bearing media comprises 

2 transmission media. 

1 44. (New) The program product of claim 31 wherein said signal bearing media comprises 

2 recordable media. 

1 45. (New) The program product of claim 31 wherein said signal bearing media comprises 

2 transmission media. 
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STATUS OF THE CLAIMS 



Claims 1-41 were originally filed in this patent application. In response to the 
first office action dated 9/1 1/03, an amendment was filed on 12/10/03 that amended the 
specification, but did not amend any of the claims as originally filed, hi response to the 
second office action dated 03/25/04, an amendment was filed on 06/25/04 that amended 
claims 1, 3, 4, 6, 7, 13, 15, 16, 18, 19, 26, 30, 32, 33 and 34. hi the pending final office 
action, claims 26-41 were rejected under 35 U.S.C. §101 as being directed to non- 
statutory subject matter. Claims 1, 5-7, 13, 17-19, 25-28 and 32-34 were rejected under 
35 U.S.C. § 103(a) as being unpatentable over U.S. Patent No. 6,714,991 to Bak et al. 
(hereinafter "Bak") in view of U.S. Patent No. 6,601,1 14 to Bracha et al. (hereinafter 
"Bracha"). Claims 2, 8-11, 14, 20-23, 29 and 35-38 were objected to as depending upon 
a rejected base claim, but would be allowable if properly rewritten in independent form. 
Claims 3, 4, 12, 15, 16 and 24 were allowed. In this amendment, claims 2, 14 and 29 
have been cancelled, claims 1,13, 25, 26, 30, 31 and 39 have been amended, and new 
claims 42-45 have been added. Claims 1, 3-13, 15-28 and 30-45 are currently pending. 
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